Please turn on your JavaScript for this page to function normally.
![PHP](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092821/php-400x200.jpg)
PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)
An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks …
![SSL VPN](https://img.helpnetsecurity.com/wp-content/uploads/2019/08/09093457/SSL-VPN-400x200.jpg)
Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure …
![Palo Alto Networks](https://img.helpnetsecurity.com/wp-content/uploads/2019/05/09094234/palo_alto_networks-400x200.jpg)
Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways
Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege